Solved

Windows 2003 RAS ip conflict?

Posted on 2006-11-04
3
287 Views
Last Modified: 2011-10-03
Hi all,

This has been bugging me for some time and I cannot find an answer.  Looking for some help please...

The problem:

The server 2003 has a fixed ip address of 192.168.1.1 and only 1 nic.
When clients connect in over pptp vpn using rras, they are allocated a dhcp address in that same range.
Most home routers use the same ip range so there is a conflict and, whilst the pptp connection is successful, clients cannot access email etc.

What I have been doing is getting staff to change their home dhcp scopes to 192.168.200.0/24 and that works perfectly.

I am wondering what the correct solution to this problem is on the server side?  

In this setup it's actually sbs2003(sp1) and there are no complex routers/firewalls etc.  

Thanks for the help...

0
Comment
Question by:camackay
3 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 300 total points
ID: 17872905
I am afraid the solution is to change the server side as you suggested. If you plan to use VPN's, avoid setting up your network with common subnets such as 192.168.0.0, 192.168.1.0, 192.168.2.0, 192.168.100.0, and 10.0.0.0
Should you plan to change the server, make sure you plan carefully, all static IP's for servers, printers and such must be changed, and all DHCP addresses refreshed. VERY important on SBS you use the wizard to change the IP,, or many services such as sharepoint and web access features will stop working, if you do it manually.

There is one other possible option. On the client's virtual/VPN adapter, there is an option to use the remote gate way, located:
control panel | network connections | right click on the VPN/Virtual adapter and choose properties | Networking | TCP/IP -properties | Advanced | General | un-check  "Use default gateway on remote network"
If this is enabled, you can often connect with similar subnets. It is enabled by default, so perhaps you have been switching it of ?  This protects the corporate network from local traffic, but also blocks users from connecting to local resources at the client site such as shared printers and local Internet access. It should be enabled but a lot of people don't like the restrictions ans un-check it.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now